Proposal of OpenPGP Email Validation

nico at nico at
Mon Jul 27 20:19:07 CEST 2015

Hi Ingo,
thanks a lot for the feedback.

Am 27.07.2015 um 16:31 schrieb Ingo Klöcker:
> On Monday 27 July 2015 07:55:03 nico at wrote:
>> Hi all,
>> in March we discussed here
>> "German ct magazine postulates death of pgp encryption"
>> and Patrick Brunschwig proposed a way to validate email addresses
>> I also had in mind:
>> In the past months I tried to come up with a concrete proposal.
>> I discussed it already with some people and
>> this is what I/we propose so far.
>> The proposal is not perfect and not completely worked out
>> but IMO it is ready for a broader discussion and review.
> This whole concept of a whitelist of "trusted validation servers" included in 
> the email clients sounds a lot like the CA certificate bundles included in 
> browsers and/or OSes. Who is going to maintain this whitelist? The email 
> client developers? The OS manufactures? Who is going to certify "trusted 
> validation servers", i.e. who is going to tell benign validation servers apart 
> from malignant validation servers?
I agree that this is a key issue/problem of the approach.
And indeed, I suggest to initially or by default give some trust
to some signatures.

Note that I propose different things, though:
1) A standard format for such validations.
   This simply would help to be able to deal with any
   validation approach.
2) A way to establish such validations
   by using a validating key server proxy.
3) A whitelist.

I am happy to only have 1) and 2) and to teach people
to trust e.g. specific servers (and to mistrust others).

I only want to have a way to manage email validations
(a common technique where everybody wonders why this
 is not supported).
This is the best I could come up with after discussing this
with several people.
And so far it would be a lot more than we have now.
It it might fix a problem which otherwise is a show stopper.

If this is not appropriate, what do YOU propose instead
for email validation?
So many processes in this world are today based on email validation.
Do you think that in general email validation is not the right approach
or do you propose something different?

> Your proposal seems to repeat a lot of the (failed) concepts of the 
> centralized CA approach. For this reason I think the approach is doomed to 
> fail the same way the centralized CA approach has failed (even if everybody 
> seems to ignore its failure).
I TRIED to avoid some of them:
- avoiding to many signatures
- providing no central solution
It's the best I could come up with.
I don't see any other form but may be you know better.
Tell me!

> I'd rather put my bets on a DANE-based approach like 
I am happy with ANY solution here.
I don't know all the details about DANE, but as far as I know
it is promising but well not established yet.
If we don#t need my proposal, great!
But if establishing DANE will take more time or if there are
some flaws with it), I would like to have this solution
because IMO it would help.
But I might be wrong.

Thanks and all the best

BTW, the name sounds German and I am happy to discuss this whole issue
with you in person.

> Regards,
> Ingo

Nicolai M. Josuttis
mailto:nico at
PGP fingerprint: CFEA 3B9F 9D8E B52D BD3F 7AF6 1C16 A70A F92D 28F5

More information about the Gnupg-users mailing list